And what is this your AppSee? [Re: The Burger King app secretly records the phone screen! ]

The moderator noted that the publication failed the test for uniqueness (it was posted on another site), but we are for pluralism and a reasoned discussion, therefore we are publishing an article. At this "cross-stock and copy-paste" amnesty is over.

image

Hi, Habr! Today, we will analyze why a buhgurt on the subject of data collection and screen recording in an already acclaimed BC application using AppSee does not carry anything sensible.

So, what is Appsee and how does its metric work?


Appsee is a powerful analytics tool designed to analyze user behavior in applications. it includes: "Click Card" - a free translation of "Touch heatmap"; allows you to track a map of user clicks in the application, recognize users, allows the developer to track the user's location and keep statistics of application crashes, errors and user behavior.


What kind of data does the AppSee collect?


From the privacy policy, we will learn that:


image

Free translation:
8. End User Data

Using our services, you can provide us with the following end user data:

1 technical information and usage statistics, which may include, among other things, the type and mode of operation of the system, duration of use, phone model, country, screens, visited in the mobile application, gestures held in the mobile application, scrolling and any other actions of the end user are performed during their use of your mobile application.

2 partially hashed IP address of the user, unique user identifier generated by the Subscriber * unique user identifier.

3 data obtained through third-party integration, provided that the Subscriber is solely responsible for ensuring the legality and protection of the data (including personal data) transferred to such complex services.

Other than the foregoing, subscribers should not provide us with any personal information about their end users. In particular, subscribers must refrain from providing Appsee any personal data of children under the age of 16, any medical, financial or insurance data or other data that is subject to specific regulatory or regulatory protection regimes (including data of the “special category” According to EU GDPR ).

Each Subscriber is solely responsible for selecting the fields and screens that can be analyzed using the services, as well as taking into account the confidentiality of applicable end-user data that may be available to the end users of the subscriber in any such field or page, and the nature of the appsee analytics services.

If you decide to provide us with personal information about your end users, you must obtain explicit user consent for such use.

Our services will not collect the full IP address of the end user, any keystrokes placed by the end user, or any information about other applications or programs that end users launch on their mobile phone / computer. Services do not track end-user activity in applications / services that do not use services, and do not collect passwords entered to unlock the end-user device.

We will use user data for the following purposes:

1 to store and process end-user data for the preparation and provision of our services, including compiled analytical reports;

2 for use on an anonymous basis, in aggregate, for performing “use of applications” analysis and statistical reports, including for the operation and improvement of our services.

We reserve the right to store data about end users that we process on your behalf for as long as we provide services to you, and for a reasonable time thereafter, in accordance with the data storage plan that the Subscriber has acquired, or more long period as required by law.

* appsee subscriber


From this agreement we see that:


  1. appsee does not collect or process any information entered by the user
  2. appsee does not collect or process the device’s IP address and only impersonal information
  3. appsee does not collect or process any information about the device other than information relating to the application
  4. the developer himself chooses which fields will be available for processing appsee
  5. to provide personal data, the developer must obtain the explicit consent of the user to this

Now let's see what information the Burger King app itself collects:


image


From this agreement we see that:


  1. Burger King does not collect or process any biometric-related information.
  2. Burger King does not collect or process data on bank accounts and other personal information directly related to the user, except for: name, surname, date of birth, telephone number, email address, data about the model of the mobile device
  3. BurgerKing in accordance with the laws of the Russian Federation processes your data, namely: collection (receipt), recording, systematization, storage, refinement, retrieval, use, transfer (provision, access), blocking, depersonalization, deletion and destruction of personal data.

ANY other information application Burger King can not handle.


Thank! I sincerely hope that your “ Wonderful article ”, “exposing” burgerings to people, will drown in the minuses. Thank!


UPD: Video recorded in the application from one of the users of Peekaboo: tyk
Comment: tyk

Tags:

Also popular now: